/**
 * 
 */
package com.srs.filter;

import java.util.Map;

import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.ActionProxy;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
import com.srs.model.User;
import com.srs.util.StringUtil;

/**
 * @author chienvh
 *
 */
public class AuthorizationInterceptor extends AbstractInterceptor {

	/**
	 * 
	 */
	private static final long serialVersionUID = 1L;
	public static String[] agentIndexActions = {
		"index"};	
	public static String[] agentActions = {
		"list",
		"view",
		"add",
		"addComplete",
		"edit",
		"editComplete",
		"deleteComplete",
		"detail"};
	public static String[] agentAlertActions = {
		"alert",
		"updateAgent",
		"updateAgentQuery",
		};
	
	public static String[] configActions = {
		"edit",
		"editComplete",
		};
	public static String[] userActions = {
		"list",
		"view",
		"add",
		"addComplete",
		"edit",
		"editComplete",
		"deleteComplete",
	};
	public static String[] groupActions = {
		"list",
		"view",
		"add",
		"addComplete",
		"edit",
		"editComplete",
		"deleteComplete",
	};
	public static String[] scopeActions = {
		"list",
		"view",
		"add",
		"addComplete",
		"edit",
		"editComplete",
		"deleteComplete",
	};	
	public static String[] roleActions = {
		"list",
		"view",
		"add",
		"addComplete",
		"edit",
		"editComplete",
		"deleteComplete",
	};	
	/**
	 * 
	 */
	public AuthorizationInterceptor() {
		// TODO Auto-generated constructor stub
	}

	/* (non-Javadoc)
	 * @see com.opensymphony.xwork2.interceptor.AbstractInterceptor#intercept(com.opensymphony.xwork2.ActionInvocation)
	 */
	@SuppressWarnings("unchecked")
	@Override
	public String intercept(ActionInvocation invocation) throws Exception {
		System.out.println("AuthorizationInterceptor:intercept");
	    final ActionContext context = invocation.getInvocationContext ();
	    Map session = context.getSession();
	    
	    // Is there a "user" object stored in the user's HttpSession?
	    User loginUser = (User) session.get("loginUser");
	    if (loginUser == null || !loginUser.isRoleLogin()) {
	        return "login";
		} else {
			System.out.println("Roles:");
			if (loginUser.isRoleLogin())
				System.out.println("ROLE_LOGIN");
			if (loginUser.isRoleUserManagement())
				System.out.println("ROLE_USER_MANAGEMENT");
			if (loginUser.isRoleViewGraphicalReports())
				System.out.println("ROLE_VIEW_GRAPHICAL_REPORTS");
			if (loginUser.isRoleReceiveDailyReport())
				System.out.println("ROLE_RECEIVE_DAILY_REPORT");
			if (loginUser.isRoleReceiveAlarm())
				System.out.println("ROLE_RECEIVE_ALARM");
			if (loginUser.isRoleAgentManagement())
				System.out.println("ROLE_AGENT_MANAGEMENT");			
			ActionProxy proxy = invocation.getProxy();
			// Agent management 
			if ("/agent".equalsIgnoreCase(proxy.getNamespace())&&
				StringUtil.existInList(proxy.getActionName(), AuthorizationInterceptor.agentActions)&&
				!loginUser.isRoleAgentManagement()){
					return "permission";
			}
			if ("/config".equalsIgnoreCase(proxy.getNamespace())&&
					StringUtil.existInList(proxy.getActionName(), AuthorizationInterceptor.configActions)&&
					!loginUser.isRoleAgentManagement()){
						return "permission";
			}			
			
			// Agent index
			if ("/agent".equalsIgnoreCase(proxy.getNamespace())&&
					StringUtil.existInList(proxy.getActionName(), AuthorizationInterceptor.agentIndexActions)&&
					!(loginUser.isRoleLogin()||loginUser.isRoleViewGraphicalReports())){
						return "permission";
			}
			
			// Agent alert
			if ("/agent".equalsIgnoreCase(proxy.getNamespace())&&
					StringUtil.existInList(proxy.getActionName(), AuthorizationInterceptor.agentAlertActions)&&
					!(loginUser.isRoleLogin()||loginUser.isRoleViewGraphicalReports())){
						return "permission";
			}	
			
			// User management
			if ("/user".equalsIgnoreCase(proxy.getNamespace())&&
					StringUtil.existInList(proxy.getActionName(), AuthorizationInterceptor.userActions)&&
					!loginUser.isRoleUserManagement()){
						return "permission";
			}
			if ("/group".equalsIgnoreCase(proxy.getNamespace())&&
					StringUtil.existInList(proxy.getActionName(), AuthorizationInterceptor.groupActions)&&
					!loginUser.isRoleUserManagement()){
						return "permission";
			}		
			if ("/role".equalsIgnoreCase(proxy.getNamespace())&&
					StringUtil.existInList(proxy.getActionName(), AuthorizationInterceptor.roleActions)&&
					!loginUser.isRoleUserManagement()){
						return "permission";
			}		
			if ("/scope".equalsIgnoreCase(proxy.getNamespace())&&
					StringUtil.existInList(proxy.getActionName(), AuthorizationInterceptor.scopeActions)&&
					!loginUser.isRoleUserManagement()){
						return "permission";
			}					
			
			return invocation.invoke();
	    }
	}
	
	boolean checkAgentRole(){
		return true;
	}
}
